August 5th, 2004
Critical XP SP2 Alert: Cancel all non-AMD system buys
Leading up to the release of Service Pack 2 for Windows XP, several Microsoft executives have cited a feature called Data Execution Prevention (DEP) as a key sentry in the fight against viruses and worms that load themselves into areas of a computer’s memory normally reserved for data. The often-cited "buffer overrun," used by some of the worst exploits in history (MSBlaster, Code Red, Slammer), falls into this category of transgression. When armed with SP2’s DEP feature, those areas of memory where such viruses and worms try to load themselves are marked for "no execution." In other words, the executable code that viruses and worms rely on cannot run in these areas of memory. Unfortunately, except for users with systems based on AMD’s Athlon 64, Sempron (mobile), or Opteron microprocessors (a very tiny percentage of the more than 200 million users of Windows XP), almost no one can take advantage of this important technology.
Intel-based notebook and desktop systems that support DEP will not start shipping until the end of 2004 (Intel currently supports the technique in its Itanium processor for servers). As such, my advice is that all planned purchases for Intel-based desktops, notebooks, and non-Itanium-based servers be cancelled or postponed if possible. Instead, buyers should consider systems based on one of the aforementioned AMD technologies, or wait until support for DEP is available in shipping Intel-based systems. Speaking of SP2, it has been delayed for a third time. This is bad news for users but good news for Intel. Here’s why.




